dependabot-common 0.264.0 → 0.265.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 89c02cd9122ad1a2574c71155c83627af13e7975e520fe2edb0573959f719049
4
- data.tar.gz: 042f09ae791ba2420b73d3076bc716e3354b56f210bd0d14d6b5aa01b1efb216
3
+ metadata.gz: 4715cad47e5311ab6deb63b425cb37b8e9ad44266d20154ada92f5eebeb1072a
4
+ data.tar.gz: 4194a3c0d440f8d320cfad7789f2e0237871236e0d39da5dc8b8705608c6176f
5
5
  SHA512:
6
- metadata.gz: 76061ba6700c3b8faa97e7699ab35890546fb5c06dd7f3113a067e76522e0bf7a3d2eecf180c7a3b94bc320cfeb51572265be90cf5df2be269e290141db0729c
7
- data.tar.gz: 79cd186ce00c0bbea7586d1c582bffaf96b165004b289b1527cfdcac669fe8aee72c4549646cabebe4c3937f9402d675fe13b7e7ca97dbdb7907651e8489f522
6
+ metadata.gz: d86205634fc7375b9b652137782d4686c4763c278456ce52cd5af6d2778aa19540e4be8fa0203770234264e8e6af15105fffc428d4c5b160b94d6b1719b50a4f
7
+ data.tar.gz: f3db0f9d9fd293ae3904812b81ec15f400a6b16973e4327f6c23556b27ce35bc767821693a4c6f105ed49b2d316546c906d586f9955e55ffcf8301b20720967e
@@ -144,14 +144,14 @@ module Dependabot
144
144
  max_local_tag(allowed_version_tags)
145
145
  end
146
146
 
147
- sig { returns(T::Array[T.nilable(T::Hash[Symbol, T.untyped])]) }
147
+ sig { returns(T::Array[T::Hash[Symbol, T.untyped]]) }
148
148
  def local_tags_for_allowed_versions_matching_existing_precision
149
- select_matching_existing_precision(allowed_version_tags).map { |t| to_local_tag(t) }
149
+ select_matching_existing_precision(allowed_version_tags).filter_map { |t| to_local_tag(t) }
150
150
  end
151
151
 
152
- sig { returns(T::Array[T.nilable(T::Hash[Symbol, T.untyped])]) }
152
+ sig { returns(T::Array[T::Hash[Symbol, T.untyped]]) }
153
153
  def local_tags_for_allowed_versions
154
- allowed_version_tags.map { |t| to_local_tag(t) }
154
+ allowed_version_tags.filter_map { |t| to_local_tag(t) }
155
155
  end
156
156
 
157
157
  sig { returns(T::Array[Dependabot::GitRef]) }
@@ -134,13 +134,15 @@ module Dependabot
134
134
  args: T.any(T::Array[T.any(String, T::Array[T::Hash[String, T.untyped]])], T::Hash[Symbol, String]),
135
135
  env: T.nilable(T::Hash[String, String]),
136
136
  stderr_to_stdout: T::Boolean,
137
- allow_unsafe_shell_command: T::Boolean
137
+ allow_unsafe_shell_command: T::Boolean,
138
+ error_class: T.class_of(HelperSubprocessFailed)
138
139
  )
139
140
  .returns(T.nilable(T.any(String, T::Hash[String, T.untyped], T::Array[T::Hash[String, T.untyped]])))
140
141
  end
141
142
  def self.run_helper_subprocess(command:, function:, args:, env: nil,
142
143
  stderr_to_stdout: false,
143
- allow_unsafe_shell_command: false)
144
+ allow_unsafe_shell_command: false,
145
+ error_class: HelperSubprocessFailed)
144
146
  start = Time.now
145
147
  stdin_data = JSON.dump(function: function, args: args)
146
148
  cmd = allow_unsafe_shell_command ? command : escape_command(command)
@@ -180,33 +182,54 @@ module Dependabot
180
182
  process_termsig: process.termsig
181
183
  }
182
184
 
183
- check_out_of_memory_error(stderr, error_context)
185
+ check_out_of_memory_error(stderr, error_context, error_class)
184
186
 
185
187
  begin
186
188
  response = JSON.parse(stdout)
187
189
  return response["result"] if process.success?
188
190
 
189
- raise HelperSubprocessFailed.new(
191
+ raise error_class.new(
190
192
  message: response["error"],
191
193
  error_class: response["error_class"],
192
194
  error_context: error_context,
193
195
  trace: response["trace"]
194
196
  )
195
197
  rescue JSON::ParserError
196
- raise HelperSubprocessFailed.new(
197
- message: stdout || "No output from command",
198
- error_class: "JSON::ParserError",
199
- error_context: error_context
200
- )
198
+ raise handle_json_parse_error(stdout, stderr, error_context, error_class)
201
199
  end
202
200
  end
203
201
 
202
+ sig do
203
+ params(stdout: String, stderr: String, error_context: T::Hash[Symbol, T.untyped],
204
+ error_class: T.class_of(HelperSubprocessFailed))
205
+ .returns(HelperSubprocessFailed)
206
+ end
207
+ def self.handle_json_parse_error(stdout, stderr, error_context, error_class)
208
+ # If the JSON is invalid, the helper has likely failed
209
+ # We should raise a more helpful error message
210
+ message = if !stdout.strip.empty?
211
+ stdout
212
+ elsif !stderr.strip.empty?
213
+ stderr
214
+ else
215
+ "No output from command"
216
+ end
217
+ error_class.new(
218
+ message: message,
219
+ error_class: "JSON::ParserError",
220
+ error_context: error_context
221
+ )
222
+ end
223
+
204
224
  # rubocop:enable Metrics/MethodLength
205
- sig { params(stderr: T.nilable(String), error_context: T::Hash[Symbol, String]).void }
206
- def self.check_out_of_memory_error(stderr, error_context)
225
+ sig do
226
+ params(stderr: T.nilable(String), error_context: T::Hash[Symbol, String],
227
+ error_class: T.class_of(HelperSubprocessFailed)).void
228
+ end
229
+ def self.check_out_of_memory_error(stderr, error_context, error_class)
207
230
  return unless stderr&.include?("JavaScript heap out of memory")
208
231
 
209
- raise HelperSubprocessFailed.new(
232
+ raise error_class.new(
210
233
  message: "JavaScript heap out of memory",
211
234
  error_class: "Dependabot::OutOfMemoryError",
212
235
  error_context: error_context
@@ -136,7 +136,7 @@ module Dependabot
136
136
 
137
137
  # Lowest available security fix version not checking resolvability
138
138
  # @return [Dependabot::<package manager>::Version, #to_s] version class
139
- sig { overridable.returns(Dependabot::Version) }
139
+ sig { overridable.returns(T.nilable(Dependabot::Version)) }
140
140
  def lowest_security_fix_version
141
141
  raise NotImplementedError, "#{self.class} must implement #lowest_security_fix_version"
142
142
  end
@@ -363,7 +363,7 @@ module Dependabot
363
363
  end
364
364
 
365
365
  # TODO: Should this return Dependabot::Version?
366
- sig { returns(T.nilable(Gem::Version)) }
366
+ sig { returns(T.nilable(Dependabot::Version)) }
367
367
  def current_version
368
368
  @current_version ||=
369
369
  T.let(
data/lib/dependabot.rb CHANGED
@@ -2,5 +2,5 @@
2
2
  # frozen_string_literal: true
3
3
 
4
4
  module Dependabot
5
- VERSION = "0.264.0"
5
+ VERSION = "0.265.0"
6
6
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-common
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.264.0
4
+ version: 0.265.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-07-05 00:00:00.000000000 Z
11
+ date: 2024-07-11 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-codecommit
@@ -597,7 +597,7 @@ licenses:
597
597
  - MIT
598
598
  metadata:
599
599
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
600
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.264.0
600
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.265.0
601
601
  post_install_message:
602
602
  rdoc_options: []
603
603
  require_paths: